<!--
  This file is a part of the open-eBackup project.
  This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0.
  If a copy of the MPL was not distributed with this file, You can obtain one at
  http://mozilla.org/MPL/2.0/.
  
  Copyright (c) [2024] Huawei Technologies Co.,Ltd.
  
  THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
  EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
  MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
  -->


<!--
  This file is a part of the open-eBackup project.
  This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0.
  If a copy of the MPL was not distributed with this file, You can obtain one at
  http://mozilla.org/MPL/2.0/.
  
  Copyright (c) [2024] Huawei Technologies Co.,Ltd.
  
  THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
  EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
  MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
  -->

<!--
  This file is a part of the open-eBackup project.
  This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0.
  If a copy of the MPL was not distributed with this file, You can obtain one at
  http://mozilla.org/MPL/2.0/.
  
  Copyright (c) [2024] Huawei Technologies Co.,Ltd.
  
  THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
  EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
  MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
  -->

<!--
  This file is a part of the open-eBackup project.
  This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0.
  If a copy of the MPL was not distributed with this file, You can obtain one at
  http://mozilla.org/MPL/2.0/.
  
  Copyright (c) [2024] Huawei Technologies Co.,Ltd.
  
  THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
  EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
  MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
  -->

<!DOCTYPE html
  PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="zh-cn" xml:lang="zh-cn">
<head>
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
   
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="DC.Type" content="topic">
<meta name="DC.Title" content="用户角色介绍">
<meta name="product" content="">
<meta name="DC.Relation" scheme="URI" content="zh-cn_topic_0000001839224353.html">
<meta name="prodname" content="">
<meta name="version" content="">
<meta name="brand" content="30-OceanProtect 备份一体机 1.5.0-1.6.0 帮助中心">
<meta name="DC.Publisher" content="20240320">
<meta name="DC.Format" content="XHTML">
<meta name="DC.Identifier" content="ZH-CN_TOPIC_0000001839144405">
<meta name="DC.Language" content="zh-cn">
<link rel="stylesheet" type="text/css" href="public_sys-resources/commonltr.css">
<title>用户角色介绍</title>
</head>
<body style="clear:both; padding-left:10px; padding-top:5px; padding-right:5px; padding-bottom:5px"><a name="ZH-CN_TOPIC_0000001839144405"></a><a name="ZH-CN_TOPIC_0000001839144405"></a>

<h1 class="topictitle1">用户角色介绍</h1>
<div><p class="MsoNormal" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p36771798">为了防止错误的操作影响到业务系统的稳定性及业务数据的安全性，系统通过角色来控制用户的操作权限和范围。在使用本文档前，请确认您当前账号所具备的操作权限。</p>
<div class="section" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_section62510731"><h4 class="sectiontitle">用户角色定义</h4><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p178819511347"><strong id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_b12586267">角色</strong>：用于定义用户的操作或访问对象范围。</p>
<p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p12854735">系统只提供内置角色，内置角色是系统预置具有特定权限的角色。内置角色对应的权限如<a href="#ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_table2389521">表1</a>所示。</p>

<div class="tablenoborder"><a name="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_table2389521"></a><a name="zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_table2389521"></a><table cellpadding="4" cellspacing="0" summary="" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_table2389521" frame="border" border="1" rules="all"><caption><b>表1 </b>内置角色</caption><colgroup><col style="width:14.219999999999999%"><col style="width:45.739999999999995%"><col style="width:40.04%"></colgroup><thead align="left"><tr id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_row55630747"><th align="left" class="cellrowborder" valign="top" width="14.220000000000002%" id="mcps1.3.2.4.2.4.1.1"><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p9796655">预置角色</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="45.74%" id="mcps1.3.2.4.2.4.1.2"><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p52676258">预置角色权限说明</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="40.040000000000006%" id="mcps1.3.2.4.2.4.1.3"><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p62933297125">系统内置用户</p>
</th>
</tr>
</thead>
<tbody><tr id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_row38918480"><td class="cellrowborder" valign="top" width="14.220000000000002%" headers="mcps1.3.2.4.2.4.1.1 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p65389142"><span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text8719617191918">系统管理员</span></p>
</td>
<td class="cellrowborder" valign="top" width="45.74%" headers="mcps1.3.2.4.2.4.1.2 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p58305164">具有该角色的用户具备系统的所有权限。</p>
<div class="note" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_note154143357435"><span class="notetitle"> 说明： </span><div class="notebody"><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p241412350436">完成系统管理员用户创建后，需要设置发件邮箱和找回密码邮箱。</p>
</div></div>
</td>
<td class="cellrowborder" valign="top" width="40.040000000000006%" headers="mcps1.3.2.4.2.4.1.3 "><ul id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_ul1213835153913"><li id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_li31381553399">sysadmin：内置系统管理员，可以登录GUI，也可以调用REST API。<p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p51312816396"><a name="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_li31381553399"></a><a name="zh-cn_topic_0000001792345766_li31381553399"></a>默认密码请参见<a href="https://support.huawei.com/enterprise/zh/flash-storage/oceanprotect-databackup-pid-258115661?category=operation-maintenance" target="_blank" rel="noopener noreferrer">《OceanProtect 备份一体机 1.6.0 账号列表》</a>。</p>
</li><li id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_li213855113914">cluster_admin：内置系统管理员机机账号，不能登录GUI，只能调用REST API。<p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p128420121398"><a name="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_li213855113914"></a><a name="zh-cn_topic_0000001792345766_li213855113914"></a>密码在系统初始化时随机生成，可以在<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text13858144611478">OceanProtect</span>重置其密码。</p>
</li></ul>
</td>
</tr>
<tr id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_row1342792"><td class="cellrowborder" valign="top" width="14.220000000000002%" headers="mcps1.3.2.4.2.4.1.1 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p41657359"><span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text98996018205">数据保护管理员</span></p>
</td>
<td class="cellrowborder" valign="top" width="45.74%" headers="mcps1.3.2.4.2.4.1.2 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p81934512385">具有该角色的用户具备数据保护相关的权限，如备份、恢复等功能。</p>
<div class="note" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_note8558181613308"><span class="notetitle"> 说明： </span><div class="notebody"><ul id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_ul85711647164413"><li id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_li10571547114415">数据保护管理员只能查看本角色的权限，只能修改自身的密码，无法查看和修改其他用户的密码。</li><li id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_li185711447154413">数据保护管理员不支持组建和删除多集群成员、添加和删除HA、查看节点详情等权限。</li><li id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_li35712476449">数据保护管理员不支持查看<span class="uicontrol" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_uicontrol777116358818">“安全策略”</span>、<span class="uicontrol" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_uicontrol5612173918819">“证书”</span>、<span class="uicontrol" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_uicontrol1361114428814">“数据安全”</span>信息等权限。</li><li id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_li75711447134419">SAML类型的数据保护管理员不支持查看<span class="uicontrol" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_uicontrol10299920143220">“系统容量”</span>、<span class="uicontrol" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_uicontrol1967072212320">“数据缩减”</span>和<span class="uicontrol" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_uicontrol132481925153214">“性能统计”</span>信息。支持在首页查看备份配额、归档配额信息。即从<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_ph18528192414332">eDME</span>跳转<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text389054704713">OceanProtect</span>后，首页内容与<a href="zh-cn_topic_0000001839144861.html#ZH-CN_TOPIC_0000001839144861__section28201358103714">OceanProtect介绍</a>有差异。</li></ul>
</div></div>
</td>
<td class="cellrowborder" valign="top" width="40.040000000000006%" headers="mcps1.3.2.4.2.4.1.3 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p7223227527">mmdp_admin：内置数据保护管理员机机账号，不能登录GUI，只能调用REST API。</p>
<p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p5570193515563">密码在系统初始化时随机生成，可以在<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text14706748134714">OceanProtect</span>重置其密码。</p>
</td>
</tr>
<tr id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_row16317111414011"><td class="cellrowborder" valign="top" width="14.220000000000002%" headers="mcps1.3.2.4.2.4.1.1 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p1563434519375"><span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text116981215203">审计员</span></p>
</td>
<td class="cellrowborder" valign="top" width="45.74%" headers="mcps1.3.2.4.2.4.1.2 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p1631831415011">具有该角色的用户可以对系统进行审计，具有系统的只读权限。</p>
</td>
<td class="cellrowborder" valign="top" width="40.040000000000006%" headers="mcps1.3.2.4.2.4.1.3 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p153831475210">mm_audit：内置审计员机机账号，不能登录GUI，只能调用REST API。</p>
<p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p4541144235611">密码在系统初始化时随机生成，可以在<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text4618049104710">OceanProtect</span>重置其密码。</p>
</td>
</tr>
<tr id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_row1064183514187"><td class="cellrowborder" valign="top" width="14.220000000000002%" headers="mcps1.3.2.4.2.4.1.1 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p141941339161811"><span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text181234316205">远端设备管理员</span></p>
</td>
<td class="cellrowborder" valign="top" width="45.74%" headers="mcps1.3.2.4.2.4.1.2 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p39408291005">具有该角色的用户可用于副本复制时目标集群和源集群之间进行鉴权和认证。</p>
</td>
<td class="cellrowborder" valign="top" width="40.040000000000006%" headers="mcps1.3.2.4.2.4.1.3 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p112931929121213">-</p>
</td>
</tr>
<tr id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_row571913175515"><td class="cellrowborder" valign="top" width="14.220000000000002%" headers="mcps1.3.2.4.2.4.1.1 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p27197125518"><span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text88310172564">灾备管理员</span></p>
</td>
<td class="cellrowborder" valign="top" width="45.74%" headers="mcps1.3.2.4.2.4.1.2 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p117198119553">该角色的用户具有查询集群信息与容量信息的权限，以及操作SAML用户的相关权限，如SAML用户的增删改查，配额与功能管理。</p>
</td>
<td class="cellrowborder" valign="top" width="40.040000000000006%" headers="mcps1.3.2.4.2.4.1.3 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p20719114558">-</p>
</td>
</tr>
<tr id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_row317995717515"><td class="cellrowborder" valign="top" width="14.220000000000002%" headers="mcps1.3.2.4.2.4.1.1 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p1117913573514">设备管理员</p>
</td>
<td class="cellrowborder" valign="top" width="45.74%" headers="mcps1.3.2.4.2.4.1.2 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p7530209175219">内部使用角色，界面不可配置。用于对<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text9282125094711">OceanProtect</span>进行升级和运维，如使用该角色通过SmartKit对<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text10810850174712">OceanProtect</span>进行升级。</p>
</td>
<td class="cellrowborder" valign="top" width="40.040000000000006%" headers="mcps1.3.2.4.2.4.1.3 "><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p37173210527">admin：内置设备管理员，可以登录设备管理GUI，也可以调用部分REST API。首次登录时，需要初始化密码。 修改密码的操作，请参见<a href="https://support.huawei.com/enterprise/zh/flash-storage/oceanprotect-databackup-pid-258115661?category=operation-maintenance" target="_blank" rel="noopener noreferrer">《OceanProtect 备份一体机 1.6.0 账号列表》</a>。</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_section25725667"><h4 class="sectiontitle">查询当前登录用户权限</h4><p class="MsoNormal" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p53986228">登录系统后，通过以下操作可了解您当前账号所具备的操作权限和操作范围。</p>
<p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_p2060714435815"><strong id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_b01681495813">操作步骤</strong></p>
<ol id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_ol10808352"><li id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_li3061316">选择“<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text128271914318">系统</span> &gt; <span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text125569281436">安全</span> &gt; <span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text13958114211313">用户和角色</span> &gt; <span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text12340322181415">用户</span>”。</li><li id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232371_li42268317"><strong id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232371_b44870534">可选: </strong>可以单击“<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text12188446610">角色</span>”旁的<span><img id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232371_image2939135375218" src="zh-cn_image_0000001792346050.png"></span>，对用户进行筛选。或单击“<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text1467172583618">名称</span>”旁的<span><img id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232371_image193269489536" src="zh-cn_image_0000001839145145.png"></span>，对用户进行搜索。</li><li id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_li17107479">在用户列表中，浏览当前登录用户的“<span id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_text109486171853">角色</span>”信息，并根据<a href="#ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_table2389521">表1</a>确定当前账号的操作权限及范围。<div class="note" id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_note36155069"><img src="public_sys-resources/note_3.0-zh-cn.png"><span class="notetitle"> </span><div class="notebody"><p id="ZH-CN_TOPIC_0000001839144405__zh-cn_topic_0000001792345766_zh-cn_topic_0223232618_p1231173163714">如果以系统管理员用户身份登录，可以查看到当前管理设备的所有用户信息。</p>
</div></div>
</li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>父主题：</strong> <a href="zh-cn_topic_0000001839224353.html">管理用户</a></div>
</div>
</div>

<div class="hrcopyright"><hr size="2"></div><div class="hwcopyright">版权所有 &copy; 华为技术有限公司</div></body>
</html>